OVAL Reference oval:org.mitre.oval:def:17261

Oval Definition:

oval:org.mitre.oval:def:17261

Revision Date:	2014-08-18	Version:	26
Title:	Array access violation vulnerability in Microsoft .NET Framework and Silverlight - MS13-052
Description:	Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a crafted .NET Framework application or (2) a crafted Silverlight application, aka "Array Access Violation Vulnerability."
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2013-3131
Platform(s):	Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.0 Microsoft .NET Framework 4.5 Microsoft Silverlight 5
Definition Synopsis
.net 2.0 sp2/xp/server 2003/versions either os Microsoft Windows XP x64 is installed OR Microsoft Windows XP (32-bit) is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed AND Microsoft .NET Framework 2.0 Service Pack 2 is installed AND either file versions GDR/LDR Check if the version of mscorlib.dll is less than 2.0.50727.3649 OR ldr range Check if the version of mscorlib.dll is less than 2.0.50727.7026 AND Check if the version of mscorlib.dll is greater than or equal to 4.0.30319.19000 OR .net 2.0 sp2/vista/server 2008/versions either os Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft .NET Framework 2.0 Service Pack 2 is installed AND either file versions Check if the version of mscorlib.dll is less than 2.0.50727.4241 OR ldr range Check if the version of mscorlib.dll is less than 2.0.50727.7025 AND Check if the version of mscorlib.dll is greater than or equal to 2.0.50727.7000 OR .net 3.5/win8/server 2012/versions either os Microsoft Windows 8 (x64) is installed OR Microsoft Windows Server 2012 (64-bit) is installed OR Microsoft Windows 8 (x86) is installed AND Microsoft .NET Framework 3.5 SP1 is installed AND either file versions Check if the version of mscorlib.dll is less than 2.0.50727.6407 OR ldr range Check if the version of mscorlib.dll is less than 2.0.50727.7025 AND Check if the version of mscorlib.dll is greater than or equal to 2.0.50727.7000 OR .net 3.5.1/win 7/server 2008 R2/versions either os Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft .NET Framework 3.5 SP1 is installed AND either file versions Check if the version of mscorlib.dll is less than 2.0.50727.5472 OR ldr range Check if the version of mscorlib.dll is less than 2.0.50727.7025 AND Check if the version of mscorlib.dll is greater than or equal to 2.0.50727.7000 OR .net 4.0/win xp.server 2003/vista/server 2008/win 7/server 2008 R2/versions either os Microsoft Windows XP x64 is installed OR Microsoft Windows XP (32-bit) is installed OR Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed OR Microsoft Windows Server 2003 (ia64) Gold is installed OR Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows Server 2008 (ia-64) is installed OR Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Microsoft .NET Framework 4.0 is installed AND either file versions Check if the version of mscorlib.dll is less than 4.0.30319.1008 OR ldr range Check if the version of mscorlib.dll is less than 4.0.30319.2012 AND Check if the version of mscorlib.dll is greater than or equal to 4.0.30319.2000 OR .net 4.5/vista/server 2008/win 7/server 2008 R2/versions either os Microsoft Windows Vista x64 Edition is installed OR Microsoft Windows Vista (32-bit) is installed OR Microsoft Windows Server 2008 (64-bit) is installed OR Microsoft Windows Server 2008 (32-bit) is installed OR Microsoft Windows 7 (32-bit) is installed OR Microsoft Windows 7 x64 Edition is installed OR Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft .NET Framework 4.5 is installed AND either file versions Check if the version of mscorlib.dll is less than 4.0.30319.18052 OR ldr range Check if the version of mscorlib.dll is less than 4.0.30319.19080 AND Check if the version of mscorlib.dll is greater than or equal to 4.0.30319.19000 OR .net 4.5/win 8/server 2012/versions either os Microsoft Windows 8 (x64) is installed OR Microsoft Windows Server 2012 (64-bit) is installed OR Microsoft Windows 8 (x86) is installed AND Microsoft .NET Framework 4.5 is installed AND either file versions Check if the version of mscorlib.dll is less than 4.0.30319.18051 OR ldr range Check if the version of mscorlib.dll is less than 4.0.30319.19079 AND Check if the version of mscorlib.dll is greater than or equal to 4.0.30319.19000 OR silverlight/version Microsoft Silverlight 5 is installed AND Check if the version of Silverlight is less than 5.1.20513

BACK